Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230352e302f32342d3234203d3e203633303233.roa
File: 3134372e3132352e3230352e302f32342d3234203d3e203633303233.roa (raw, json)
Hash identifier: qeMa5hl8u7/tJ362UfpmKbKS3pDSu27cZrENDSns+pk=
Subject key identifier: C3:6B:EC:2A:85:99:45:50:C3:EF:E6:1E:D2:EC:A4:CC:EB:7E:34:D4
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 62A5C5EA6CCC057A97C30A15721E46E342BF87DA
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230352e302f32342d3234203d3e203633303233.roa
Signing time: Tue 21 Apr 2026 09:09:13 +0000
ROA not before: Tue 21 Apr 2026 09:04:13 +0000
ROA not after: Tue 20 Apr 2027 09:09:13 +0000
asID: 63023
IP address blocks: 147.125.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:a5:c5:ea:6c:cc:05:7a:97:c3:0a:15:72:1e:46:e3:42:bf:87:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:13 2026 GMT
Not After : Apr 20 09:09:13 2027 GMT
Subject: CN=C36BEC2A85994550C3EFE61ED2ECA4CCEB7E34D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:da:65:09:e1:cf:e9:94:57:e9:d7:10:0a:7f:
a9:bd:fe:56:ab:bd:fc:40:f9:a4:b2:7e:ae:ca:3a:
e7:2e:d1:bb:51:3d:09:55:0f:1e:ee:44:e1:6d:74:
2b:51:f5:5f:2e:f1:04:0d:33:e8:e3:70:22:22:b6:
a3:68:a0:f3:b2:5a:31:d7:66:77:8f:84:7b:84:73:
bb:39:48:fb:19:c5:e0:48:8d:99:5e:3f:36:76:ac:
aa:7e:95:87:89:cb:b2:62:90:8a:8c:6e:f4:b2:36:
c3:7d:62:f8:be:7b:7c:39:73:e8:e0:86:bc:2e:06:
7c:9d:9e:a6:83:a9:5d:88:85:5c:54:ea:24:d4:4c:
04:f1:f4:aa:b4:60:7e:7c:1b:c4:ec:3a:6e:3b:38:
61:3d:c5:dd:d7:ea:3e:b4:4d:11:0a:7d:80:64:85:
6b:2d:b1:10:2a:b0:33:1f:da:9d:81:df:a8:24:68:
7a:01:5e:55:3d:b4:0b:60:d4:5d:65:0e:e0:9b:ae:
e1:2c:6a:85:73:72:c5:ae:af:e5:7c:66:99:d9:ff:
bc:56:5f:88:49:61:9a:67:c2:e0:08:8f:c9:27:99:
d2:6f:ce:e0:3a:21:f9:15:8f:8e:c5:8b:09:4d:c9:
d7:08:7a:fa:0a:cb:44:a3:aa:d7:4f:99:2c:cf:46:
79:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:6B:EC:2A:85:99:45:50:C3:EF:E6:1E:D2:EC:A4:CC:EB:7E:34:D4
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230352e302f32342d3234203d3e203633303233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.205.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:93:3d:10:57:a3:37:ac:71:e8:52:9a:a0:a4:30:b1:67:dc:
4b:d4:c6:b4:55:6c:be:87:01:a2:01:8e:f7:ac:43:35:63:af:
76:5a:e1:84:0d:19:62:56:31:b7:dc:dd:14:fc:40:b2:37:11:
8d:70:ae:26:02:b0:8d:10:c4:18:14:24:32:d4:89:48:56:f0:
8a:71:bf:e0:de:c6:dd:aa:78:8a:0a:a5:21:2e:63:3d:5b:a0:
72:d3:98:8d:ba:95:d3:6a:73:89:d4:a3:10:bd:d9:a7:ee:37:
33:1f:42:9a:c6:dc:ca:58:b2:35:50:95:29:b0:ed:98:9e:d2:
24:c8:c3:f4:30:70:30:5b:4f:b2:e1:c1:92:0f:d7:5c:6a:73:
7f:84:e5:6a:6d:c4:8a:94:f1:da:66:1d:fe:36:5e:17:2d:40:
f6:80:6b:aa:34:3a:c7:96:a4:fa:cf:3c:72:ba:84:12:dc:12:
da:c6:ad:e7:65:0a:d4:25:10:40:e3:cc:41:9f:23:6c:c4:ff:
aa:79:ab:52:db:8f:26:f5:ac:fe:c1:d7:e1:f2:52:88:39:36:
c1:31:e0:b4:47:9e:54:80:5e:08:e8:c9:64:6d:e7:fd:88:d9:
02:67:d6:9e:ab:2b:ef:9f:89:c6:3e:2e:04:ba:c2:d7:8f:79:
c3:bb:45:bf
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYqXF6mzMBXqXwwoVch5G40K/h9owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTNaFw0yNzA0MjAwOTA5MTNaMDMxMTAvBgNV
BAMTKEMzNkJFQzJBODU5OTQ1NTBDM0VGRTYxRUQyRUNBNENDRUI3RTM0RDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC42mUJ4c/plFfp1xAKf6m9/lar
vfxA+aSyfq7KOucu0btRPQlVDx7uROFtdCtR9V8u8QQNM+jjcCIitqNooPOyWjHX
ZnePhHuEc7s5SPsZxeBIjZlePzZ2rKp+lYeJy7JikIqMbvSyNsN9Yvi+e3w5c+jg
hrwuBnydnqaDqV2IhVxU6iTUTATx9Kq0YH58G8TsOm47OGE9xd3X6j60TREKfYBk
hWstsRAqsDMf2p2B36gkaHoBXlU9tAtg1F1lDuCbruEsaoVzcsWur+V8ZpnZ/7xW
X4hJYZpnwuAIj8knmdJvzuA6IfkVj47FiwlNydcIevoKy0SjqtdPmSzPRnnbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUw2vsKoWZRVDD7+Ye0uykzOt+NNQwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzAzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzMzMDMyMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACTfc0wDQYJKoZIhvcNAQELBQADggEBAC6TPRBXozescehSmqCkMLFn3EvUxrRV
bL6HAaIBjvesQzVjr3Za4YQNGWJWMbfc3RT8QLI3EY1wriYCsI0QxBgUJDLUiUhW
8Ipxv+Dext2qeIoKpSEuYz1boHLTmI26ldNqc4nUoxC92afuNzMfQprG3MpYsjVQ
lSmw7Zie0iTIw/QwcDBbT7LhwZIP11xqc3+E5WptxIqU8dpmHf42XhctQPaAa6o0
OseWpPrPPHK6hBLcEtrGredlCtQlEEDjzEGfI2zE/6p5q1Lbjyb1rP7B1+HyUog5
NsEx4LRHnlSAXgjoyWRt5/2I2QJn1p6rK++ficY+LgS6wtePecO7Rb8=
-----END CERTIFICATE-----
Generated at Wed May 13 09:55:12 2026 by rpki-client